Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/324de8920173d39f7e57f07a22d818efa49b5475.cer
File:                     324de8920173d39f7e57f07a22d818efa49b5475.cer (raw, json)
Hash identifier:          2ZgyVrHL2chQhzAwlcyRz1iniQ3U0eYupQj5iXjlRH8=
Subject key identifier:   DB:87:53:92:F1:F6:36:60:C3:8D:0B:02:48:CF:61:31:D6:70:90:6F
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       F528BC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/171fbb0a-3d2e-49a7-869d-e8c2b4c1f070/324de8920173d39f7e57f07a22d818efa49b5475.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/171fbb0a-3d2e-49a7-869d-e8c2b4c1f070/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Tue 18 May 2021 20:24:51 +0000
Certificate not after:    Sat 14 Sep 2024 22:58:24 +0000
Subordinate resources:    AS: 262200
                          IP: 200.124.120.0/24
                          IP: 2801:0:1f0::/48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16066748 (0xf528bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: May 18 20:24:51 2021 GMT
            Not After : Sep 14 22:58:24 2024 GMT
        Subject: CN=324de8920173d39f7e57f07a22d818efa49b5475
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:60:18:e3:23:09:9c:2f:e7:d3:0d:b5:c1:d0:
                    06:3b:ad:f4:77:eb:a3:19:73:bd:5e:91:cc:7c:27:
                    9f:57:d4:f2:01:f0:f7:bb:a9:0d:70:60:30:3d:b1:
                    07:20:b7:a1:56:97:aa:ed:f5:dd:94:80:46:fb:cf:
                    12:b9:5a:33:61:c6:4d:a3:33:42:d5:d5:f2:90:00:
                    49:cf:f7:af:eb:6a:01:66:f4:6f:dd:22:56:9b:d2:
                    f6:a4:ab:cd:2d:d3:5e:32:34:86:e6:74:ce:5b:91:
                    cc:51:88:c9:02:e0:06:7f:73:3d:96:d0:d3:78:6d:
                    35:a5:9a:cb:5c:70:88:bf:bf:42:68:7b:dd:17:3a:
                    ea:47:d4:41:4a:9e:4b:5c:2b:82:22:fe:d0:7c:a7:
                    3b:2b:9a:8e:90:bd:4a:9f:a3:f3:29:2d:a6:15:70:
                    b9:34:d6:64:33:e3:88:4a:a1:e6:66:34:91:b7:ff:
                    b0:44:55:3f:0b:9f:e3:20:e6:5d:9a:87:ad:cd:a2:
                    be:19:9b:e4:6d:db:7a:42:48:2b:b7:cf:d7:d3:ef:
                    ac:86:06:9c:0e:5d:c6:e9:d3:88:ae:26:a9:1c:35:
                    3c:8d:b1:89:82:88:e6:d1:15:bd:b9:a1:ad:be:6a:
                    e9:d3:21:aa:cd:dd:be:31:d8:f0:82:a9:e3:d6:47:
                    ca:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:87:53:92:F1:F6:36:60:C3:8D:0B:02:48:CF:61:31:D6:70:90:6F
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/171fbb0a-3d2e-49a7-869d-e8c2b4c1f070/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/171fbb0a-3d2e-49a7-869d-e8c2b4c1f070/324de8920173d39f7e57f07a22d818efa49b5475.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.124.120.0/24
                IPv6:
                  2801:0:1f0::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  262200

    Signature Algorithm: sha256WithRSAEncryption
         b4:b3:7d:94:4f:80:11:6e:96:59:af:0f:71:27:f4:31:f1:05:
         d3:79:0d:08:78:aa:05:df:59:de:2e:c9:f4:f6:21:fb:e0:5f:
         98:29:c3:f7:bd:5e:5c:f4:67:1f:ec:cd:21:2d:f0:35:10:70:
         93:06:9b:0f:64:c3:91:cb:a1:34:4e:97:2c:85:bc:17:b0:71:
         0d:ea:0b:03:82:d8:70:e1:42:c0:aa:15:c9:84:9f:ab:00:b1:
         2b:5f:c5:8f:c7:02:db:4c:0a:96:f2:a6:8c:f7:7c:ec:ee:a9:
         b5:5d:fa:72:e7:64:46:af:49:be:6a:e3:19:ae:5b:1a:1b:5b:
         31:e6:6d:0a:70:2a:3e:b4:47:4a:b1:c8:2b:95:83:4a:30:6e:
         c9:c6:ef:49:58:9a:7d:be:ae:d4:eb:c3:db:a2:31:ef:fc:28:
         29:9f:9e:86:65:cd:f8:46:93:74:3b:4a:41:e1:36:21:4b:1b:
         43:0a:c9:a0:90:61:3b:30:bb:08:43:f5:ab:62:f0:54:44:ba:
         fc:28:fc:bb:a2:51:b3:35:c2:f0:88:07:a3:2a:73:2c:9a:e7:
         f5:3c:40:db:24:eb:04:de:e7:8a:61:ad:4f:4f:08:7c:01:b0:
         15:54:64:06:a3:98:f1:d1:06:0d:80:88:b4:b6:00:2d:64:3f:
         5e:cc:10:f8
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgIEAPUovDANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTIxMDUxODIwMjQ1MVoXDTI0MDkxNDIyNTgy
NFowMzExMC8GA1UEAxMoMzI0ZGU4OTIwMTczZDM5ZjdlNTdmMDdhMjJkODE4ZWZh
NDliNTQ3NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKZgGOMjCZwv
59MNtcHQBjut9HfroxlzvV6RzHwnn1fU8gHw97upDXBgMD2xByC3oVaXqu313ZSA
RvvPErlaM2HGTaMzQtXV8pAASc/3r+tqAWb0b90iVpvS9qSrzS3TXjI0huZ0zluR
zFGIyQLgBn9zPZbQ03htNaWay1xwiL+/Qmh73Rc66kfUQUqeS1wrgiL+0HynOyua
jpC9Sp+j8yktphVwuTTWZDPjiEqh5mY0kbf/sERVPwuf4yDmXZqHrc2ivhmb5G3b
ekJIK7fP19PvrIYGnA5dxunTiK4mqRw1PI2xiYKI5tEVvbmhrb5q6dMhqs3dvjHY
8IKp49ZHyhMCAwEAAaOCAwswggMHMB0GA1UdDgQWBBTbh1OS8fY2YMONCwJIz2Ex
1nCQbzAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy8xNzFmYmIwYS0zZDJl
LTQ5YTctODY5ZC1lOGMyYjRjMWYwNzAvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvMTcxZmJiMGEtM2QyZS00
OWE3LTg2OWQtZThjMmI0YzFmMDcwLzMyNGRlODkyMDE3M2QzOWY3ZTU3ZjA3YTIy
ZDgxOGVmYTQ5YjU0NzUubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMh8eDAPBAIAAjAJAwcAKAEAAAHw
MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwQAODANBgkqhkiG9w0BAQsFAAOCAQEA
tLN9lE+AEW6WWa8PcSf0MfEF03kNCHiqBd9Z3i7J9PYh++BfmCnD971eXPRnH+zN
IS3wNRBwkwabD2TDkcuhNE6XLIW8F7BxDeoLA4LYcOFCwKoVyYSfqwCxK1/Fj8cC
20wKlvKmjPd87O6ptV36cudkRq9JvmrjGa5bGhtbMeZtCnAqPrRHSrHIK5WDSjBu
ycbvSViafb6u1OvD26Ix7/woKZ+ehmXN+EaTdDtKQeE2IUsbQwrJoJBhOzC7CEP1
q2LwVES6/Cj8u6JRszXC8IgHoypzLJrn9TxA2yTrBN7nimGtT08IfAGwFVRkBqOY
8dEGDYCItLYALWQ/XswQ+A==
-----END CERTIFICATE-----